Having some trouble getting the IOC - TAXII feed input configured to poll our Soltra Edge repository. Has anyone gotten this working yet? Authentication is fine/tested, it connects to the right p...
Hi splunker;
I want to pull feeds from (https://otx.alienvault.com/taxii/discovery) url for Taxii feeds, and I have got the API key from (https://www.alienvault.com/blogs/security-essentials/otx-i...
I am trying to add Threat Intelligence to my Splunk ES via the HISAC taxii discovery service
I have set up the Intelligence Download with configs: TYPE: taxii URL: https://members.nhisac.org/taxii...
Hi all! I know ES ships with a TAXII client to ingest threat intel over TAXII. Does anything exist for users who do not have ES? I am trying to ingest intel (in STIX 2.1) being distributed via a...
...ntel taxii feed settings in the web gui. Data inputs » Intelligence Downloads » Type: taxii URL: https://otx.alienvault.com/taxii/discovery POST Arguments: <this is where my key s...
Hi, I checked Splunkbase for an integration with an intel feed reader we use, Obstract (https://www.obstracts.com/), but was unable to find anything. They offer a TAXII feed (version 2.1) but I d...
Evening All, Have been working on setting up a Taxii feed pulling observables in from CISA/DHS however seem to be encountering the following error message which looks like an SSL error: s...
Hi. Does the Splice or Splunk Enterprise Security app support certificate-based authentication to the taxii service such as FS-ISAC? Is there a need to use third-party integrator such as Soltra E...